summaryrefslogtreecommitdiff
path: root/source3/rpc_parse
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r6351: This is quite a large and intrusive patch, but there are not many ↵Volker Lendecke1-135/+86
pieces that can be taken out of it, so I decided to commit this in one lump. It changes the passdb enumerating functions to use ldap paged results where possible. In particular the samr calls querydispinfo, enumdomusers and friends have undergone significant internal changes. I have tested this extensively with rpcclient and a bit with usrmgr.exe. More tests and the merge to trunk will follow later. The code is based on a first implementation by Günther Deschner, but has evolved quite a bit since then. Volker (This used to be commit f0bb44ac58e190e19eb4e92928979b0446e611c9)
2007-10-10r6243: Yes. I *will* hate myself in the morning for this one.Gerald Carter1-0/+17
I need to gather some more information to know if these extra context id's may be used later. But for now, pw changes via CTL+ALT+DEL from win2k3sp1 clients work. (This used to be commit e7189a4e4b2211ce396944559d38056fa5b57f65)
2007-10-10r6232: more cleanups; remove BUFFER3; rename BUFFER4 -> RPC_DATA_BLOB; ↵Gerald Carter3-84/+55
rename REG_CREATE_VALE -> REG_SET_VALUE (This used to be commit 28d433351cf813c7fb57ebac0e0f4973c85f73e8)
2007-10-10r6228: remove BUFHDR2 and clean up LsaEnumTrustedDomains()Gerald Carter3-101/+106
Tested client and server code. (This used to be commit efb3ac4c69c72c0fa01c558951fa357893562bce)
2007-10-10r6218: * fix a segv in EnumPrinters():rpc_buffer_alloc when the caller does ↵Gerald Carter2-0/+53
not provide an RPC_BUFFER in the request * add initial (but wire untested) support for RegRestoreKey() (This used to be commit 22855c7aae940cc4082c231a470f612b8fc6fa0d)
2007-10-10r6071: * clean up UNISTR2_ARRAY ( really just an array of UNISTR4 + count )Gerald Carter3-76/+96
* add some backwards compatibility to 'net rpc rights list' * verify privilege name in 'net rpc rights privileges <name>' in order to give back better error messages. (This used to be commit 0e29dc8aa384dfa6d2495beb8a9ffb5371e60a13)
2007-10-10r6046: $ net -S block -U % -W VALE rpc service status spoolerGerald Carter1-1/+1
spooler service is SVCCTL_RUNNING. Configuration details: Service Type = 0x110 Start Type = 0x2 Error Control = 0x1 Tag ID = 0x0 Executable Path = C:\WINNT\system32\spoolsv.exe Load Order Group = SpoolerGroup Dependencies = RPCSS/ Start Name = LocalSystem Display Name = Print Spooler (This used to be commit b921bf568835042a43bb0bcb2abd9d36c9d2e43f)
2007-10-10r6038: adding more flesh to 'net rpc service'Gerald Carter1-8/+3
open and close the service control manager. Also experimenting with ideas for cli_xxx() interface. (This used to be commit 4da89ef17b8c4644b97b923cebfe8e446b508b4d)
2007-10-10r6014: rather large change set....Gerald Carter9-835/+1937
pulling back all recent rpc changes from trunk into 3.0. I've tested a compile and so don't think I've missed any files. But if so, just mail me and I'll clean backup in a couple of hours. Changes include \winreg, \eventlog, \svcctl, and general parse_misc.c updates. I am planning on bracketing the event code with an #ifdef ENABLE_EVENTLOG until I finish merging Marcin's changes (very soon). (This used to be commit 4e0ac63c36527cd8c52ef720cae17e84f67e7221)
2007-10-10r6004: Let's make server manager able to kill a user session.Simo Sorce1-0/+73
This will send a shutdown command to the right process by pid read from the sessions list. (This used to be commit 5d3d025db757f7d48f241142a60a93214f2b47ea)
2007-10-10r5946: BUG 2497: fix bug in rpcclient's deletedriverex when asking to delete ↵Gerald Carter1-1/+1
all versions of a driver (This used to be commit 1f0060278609a194b76872367530d2f7bcea7fa7)
2007-10-10r5809: try to catch NULL pointers during developerment for rpcbuf_move()Gerald Carter1-2/+1
(This used to be commit f9e9a42c0734129100e1cdd4a9ad1539b65ab5bc)
2007-10-10r5808: removing unneeded structure field from RPC_BUFFERGerald Carter1-25/+0
(This used to be commit 9b0bfd7e6fd1acc85ec53d2fa32d61cd34aa2345)
2007-10-10r5805: merging spoolss parsing changes from trunk and cleaning up resulting ↵Gerald Carter5-488/+627
segvs (This used to be commit 25121547caaaed0d60f4db7458570c14e7d21b2a)
2007-10-10r5726: merge LsaLookupPrivValue() code from trunkGerald Carter1-14/+29
(This used to be commit 277203b5356af58ce62eb4eec0db2eccadeeffd6)
2007-10-10r5580: Fix "net rpc trustdom add". Much closer to what windows does. Also stopJim McDonough1-42/+18
referencing unknown_6 from sam, because it's just fixed at 1260, the max len of LOGON_HRS. Need to go in and mark it as "remove me" from passdb. (This used to be commit ffac752875938d510446ebbeba6fc983f65cda1e)
2007-10-10r5536: Avoid intermediate copy of NT and LM responses in NETLOGON client.Andrew Bartlett1-14/+0
This copy was length-limited, which broke when the NTLMv2 response was more than 128 bytes in length. Andrew Bartlett (This used to be commit bae18aaaff7f9eff90db566b9a254a11d281aa01)
2007-10-10r5262: Fix server_role in the samr_query_dom_info calls. When we are a BDC weGünther Deschner1-6/+6
should not say we are a PDC. Guenther (This used to be commit 6cdf3b97de2c28ac92f972621b0ce04c1c80cea5)
2007-10-10r5125: Fix bug 2113 -- thanks to jason@ncac.gwu.eduVolker Lendecke1-13/+0
(This used to be commit 0c205bcc864c8dc01124a5d654792de0cbf79a63)
2007-10-10r4946: Our notion the other_sids in the info3 SamLogon struct wasVolker Lendecke1-12/+33
...hmmm... completely bogus. This does not affect us as a domain controller, as we never set other_sids, but I have *no* idea how winbind got away with it. Please review thoroughly, samba4 idl looks closer to reality here. Test case: Member of w2k3 domain, authenticate as a user who is member of one or more domain local groups. Easiest review with 'client schannel = no'. Thanks, Volker (This used to be commit a0a6388830d9457de3e42686c64bddeba42954f8)
2007-10-10r4875: Fix for bugid #221, inspired by Mrinal Kalakrishnan <mail@mrinal.net>.Jeremy Allison1-13/+69
NT sometimes send garbage bytes in NT security descriptor linearizations when sending well-known sids. Cope with these. Jeremy. (This used to be commit 51b34bb536fdb18c99da1e151eba03ea634e0449)
2007-10-10r4868: Add "net rpc user RENAME"-command.Günther Deschner1-2/+51
Note that Samba3 does not yet support it server-side. Guenther (This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
2007-10-10r4746: add server support for lsa_enum_acct_rights(); last checkin for the nightGerald Carter1-0/+27
(This used to be commit ccdff4a998405544433aa32938963e4c37962fcc)
2007-10-10r4742: add server support for lsa_add/remove_account_rights() and fix some ↵Gerald Carter1-4/+4
parsing bugs related to that code (This used to be commit 7bf1312287cc1ec6b97917ba25fc60d6db09f26c)
2007-10-10r4724: Add support for Windows privileges in Samba 3.0Gerald Carter1-12/+69
(based on Simo's code in trunk). Rewritten with the following changes: * privilege set is based on a 32-bit mask instead of strings (plans are to extend this to a 64 or 128-bit mask before the next 3.0.11preX release). * Remove the privilege code from the passdb API (replication to come later) * Only support the minimum amount of privileges that make sense. * Rewrite the domain join checks to use the SeMachineAccountPrivilege instead of the 'is a member of "Domain Admins"?' check that started all this. Still todo: * Utilize the SePrintOperatorPrivilege in addition to the 'printer admin' parameter * Utilize the SeAddUserPrivilege for adding users and groups * Fix some of the hard coded _lsa_*() calls * Start work on enough of SAM replication to get privileges from one Samba DC to another. * Come up with some management tool for manipultaing privileges instead of user manager since it is buggy when run on a 2k client (haven't tried xp). Works ok on NT4. (This used to be commit 77c10ff9aa6414a31eece6dfec00793f190a9d6c)
2007-10-10r4668: allow the caller to invoke init_unistr2() with a NULL buffer to match ↵Gerald Carter1-0/+8
previous behavior; more checks to come tomorrow (This used to be commit 9a29bef056f92ef6f1df01f56c121088f84be16b)
2007-10-10r4656: Convert the winreg pipe to use WERROR returns (as it should).Jeremy Allison1-25/+25
Also fix return of NT_STATUS_NO_MORE_ENTRIES should be ERROR_NO_MORE_ITEMS reported by "Marcin Porwit" <mporwit@centeris.com>. Jeremy. (This used to be commit 511cdec60d431d767fb02f68ca5ddd4ddb59e64a)
2007-10-10r4601: Removed any use of the MAX_XXX_STR style definitions. A little largerJeremy Allison2-78/+71
change than I'd hoped for due to formating changes to tidy up code. Jeremy. (This used to be commit a348f9221a9fe719dc6f0db6eb295575c2f95e1e)
2007-10-10r4336: Apply some other samba4 SAMR idl that is just too obvious. Don't hardGünther Deschner1-6/+4
set the value "forcibly disconnect remote users from server when logon hours expire" to "no", instead take the value from our account-policy storage. Guenther (This used to be commit e3bd2a22a5cebc4adf6910d3ec31bc6fada8cd35)
2007-10-10r4331: Implement SAMR query_dom_info-call info-level 8 server- and client-side,Günther Deschner1-5/+42
based on samba4-idl. This saves us an enormous amount of totally unnecessary ldap-traffic when several hundreds of winbind-daemons query a Samba3 DC just to get the fake SAM-sequence-number (time(NULL)) by enumerating all users, all groups and all aliases when query-dom-info level 2 is used. Note that we apparently never get the sequence number right (we parse a uint32, although it's a uint64, at least in samba4 idl). For the time being, I would propose to stay with that behaviour. Guenther (This used to be commit f9ab15a986626581000d4b93961184c501f36b93)
2007-10-10r4287: Vampire SAM_DELTA_DOMAIN_INFO.Günther Deschner2-12/+96
Based on samba4-idl. The decoding of account-lockout-string is somewhat experimental though. Guenther (This used to be commit 721bf50d7446b8ce18bc1d45e17d4214d5a43d26)
2007-10-10r4286: Give back 8 byte lm_session_key in Netrsamlogon-reply.Günther Deschner1-6/+20
The old #ifdef JRATEST-block was copying 16 bytes and thus overwriting acct_flags with bizarre values, breaking a lot of things. This patch is successfully running in a production environment for quite some time now and is required to finally allow Exchange 5.5 to access another Exchange Server when both are running on NT4 in a samba-controlled domain. This also allows Exchange Replication to take place, Exchange Administrator to access other Servers in the network, etc. Fixes Bugzilla #1136. Thanks abartlet for helping me with that one. Guenther (This used to be commit bd4c5125d6989cebc90152a23e113b345806c660)
2007-10-10r4219: Fix samba3 samr "idl"... According to samba4 idl samr_DomInfo2 contains aVolker Lendecke1-17/+6
comment string and not an unknown 12 byte structure... Found after abartlet's smbtorture extended this string to "Tortured by Samba4: Fri Nov 26 15:40:18 2004 CET" ;-)) Volker (This used to be commit b41d94d8186f66136918432cf32e9dcef5a8bd12)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison11-306/+239
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2007-10-10r4005: Fix for bug #2071 reported by Jason Mader <jason@ncac.gwu.edu>.Jeremy Allison1-1/+1
Use correct enum type for comparisons. Jeremy. (This used to be commit b926480d053e42205e959b9808a6e3bb90db9ce5)
2007-10-10r3928: Fix duplicate call to pdb_get_acct_desc(). Bugzilla #2080.Tim Potter1-1/+1
(This used to be commit 3ebfd137b2d8f393874561046ef79f4d9a8cae52)
2007-10-10r3645: Allow deldriverex in rpcclient to delete drivers for a specificGünther Deschner1-2/+8
architecture and a specific version. Guenther (This used to be commit a24df09386f177e625fb99c975896cbe7a594b4b)
2007-10-10r3639: patch from Martin Zielinski <mz@seh.de> to add DeleteDriverEx() ↵Gerald Carter1-0/+24
function to rpcclient (This used to be commit cfd51c02447f7b42cffcaf4cc6179237d58c8229)
2007-10-10r2476: now that PRINTER_ATTRIBUTE_PUBLISHED does not get reset anymore, migrateGünther Deschner1-0/+30
the publishing-state for migrated printers as well. Therefor added client-side-support for setprinter level 7. Next will be a "net rpc printer publish"-command (just for completeness). Guenther (This used to be commit 224920738fdc65ef170152062177421cfed85bbf)
2007-10-10r2396: Fix bug found by Cornelio Bondad Jr <Corny.Bondad@hp.com>.Jeremy Allison1-5/+3
To correct “net rpc vampire” core dump. Jeremy. (This used to be commit cd910ffc510f2007c2619d7a4d31e5e41de7d1d1)
2007-10-10r1692: first commit :)Günther Deschner2-14/+69
* add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2007-10-10r1492: Rework our random number generation system.Andrew Bartlett1-1/+1
On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork(). For other systems, we now only re-seed after a fork, and on startup. No need to do it per-operation. This removes the 'need_reseed' parameter from generate_random_buffer(). Andrew Bartlett (This used to be commit 36741d3cf53a7bd17d361251f2bb50851cdb035f)
2007-10-10r1202: This hopefully fixes our memory use when unmarshalling strings. The ↵Volker Lendecke1-1/+4
test case was 'rpcclient -c "enumprinters 2"' with 4000 printers. At some point this completely exploded in memory usage. For every string we talloc'ed memory up to the end of the buffer. -> O(n^2). This survives valgrind with this number of printers. It might also have influence on winbind with a large number of users. All those who dare to look at samba3 rpc code, could you please take a look? I know this is a burden, but I would like comments ;-))) Volker (This used to be commit af251f4ea63c584604972e1c8add83e65046de80)
2007-10-10r1125: Remove bougus comments. (The real fix was to the sealed pipe padding)Andrew Bartlett1-2/+1
Andrew Bartlett (This used to be commit 61768f4cb3a268ce30911b15b30f82de36716b5f)
2007-10-10r991: Allow winbindd to use the domain trust account passwordGerald Carter1-6/+61
for setting up an schannel connection. This solves the problem of a Samba DC running winbind, trusting a native mode AD domain, and needing to enumerate AD users via wbinfo -u. (This used to be commit e9f109d1b38e0b0adec9b7e9a907f90a79d297ea)
2007-10-10r977: Implement 'net rpc group rename' -- rename domain groups.Volker Lendecke1-0/+46
Volker (This used to be commit 9ceff803278bdbc09cb5ab678a108cea24ab49a9)
2007-10-10r704: BUG 1315: fix for schannel client connections to server's that don't ↵Gerald Carter1-5/+15
support 128 bit encryption (This used to be commit 316ba5ad89ddfa445d44d28141c5901fc64aec90)
2007-10-10r480: Added Andrew Bartletts pwinfo-parse-error.patch.Jeremy Allison1-3/+3
Jeremy. (This used to be commit b9e79004a4c1e4a472f0627d2c33c966af22ccd2)
2007-10-10r196: merging struct uuid from trunkGerald Carter6-52/+65
(This used to be commit 911a28361b9d8dd50597627f245ebfb57c6294fb)
2007-10-10r69: Global rename of 'nt_session_key' -> 'user_session_key'. The session ↵Andrew Bartlett1-3/+3
key could be anything, and may not be based on anything 'NT'. This is also what microsoft calls it. (This used to be commit 724e8d3f33719543146280062435c69a835c491e)